SSL Handshake failed with rest API
-
Hello everyone,
Since last Thursday, I'm encontering an SSL Handskae failed when I'm consuming my API.
I'm not using any SSL certificate with then NetworkAccessManager object. Below my source codeQEventLoop eventLoop; QNetworkAccessManager networkManager; if (!m_networkProxy.hostName().isEmpty()) networkManager.setProxy(m_networkProxy); qDebug() << QString("%1/getUserToken?username=%2").arg(m_sServerURL, m_strSerialLic); //TheriaqueSuivi/ QObject::connect(&networkManager, SIGNAL(finished(QNetworkReply*)), &eventLoop, SLOT(quit())); QNetworkRequest networkRequest( QUrl( QString("%1/getUserToken?username=%2").arg(m_sServerURL, m_strSerialLic) ) ); QNetworkReply *networkReply = networkManager.get(networkRequest); eventLoop.exec(); QString strResponse = (QString)networkReply->readAll(); QJsonDocument jsonResponse = QJsonDocument::fromJson(strResponse.toUtf8()); QJsonValue valErrorCode = jsonResponse.object().value(ERROR_CODE); QJsonValue valResult = jsonResponse.object().value(RES_MSG); if ((networkReply->error() != QNetworkReply::NoError) || (valErrorCode.toInt() != 1000)) qDebug() << networkReply->errorString() << valResult.toString() << networkReply->error(); emit networkError( networkReply->error() ); delete networkReply; }
I've seen this issue but despite adding the below source, the error is still here.
QString pemCert = QApplication::applicationDirPath() + "/"+"isrgrootx1.pem"; #if QT_VERSION >= QT_VERSION_CHECK(5, 15, 0) QSslConfiguration::defaultConfiguration().addCaCertificates(pemCert); #else QSslSocket::addDefaultCaCertificates(pemCert); #endif QSslConfiguration SslConfiguration(QSslConfiguration::defaultConfiguration()); QList<QSslCertificate> caList = SslConfiguration.caCertificates(); caList.append(QSslCertificate::fromPath(pemCert.toLocal8Bit())); //Root CA SslConfiguration.setCaCertificates(caList); SslConfiguration.setLocalCertificate(QSslCertificate(pemCert.toLocal8Bit())); SslConfiguration.setProtocol(QSsl::SslV3); SslConfiguration.setPeerVerifyMode(QSslSocket::VerifyPeer); networkRequest.setSslConfiguration(SslConfiguration);
Can anyone tell me what I'm wrong and what to do to fix the problem because it impacts my clients.
Regards -
Hi,
Any chances that your API uses a Let's Encrypt certificate ?
-
Hello
As you can see, I'm not using any certificate to consume the API. In server side, we use a LetsEncryt certficate to use HTTPS protocol. The certificate is up to date after the LetsEncrypt update on 30/09/21.Adding a certificate on the client side doesn't resolve the problem. For test, we have tried to consume the API from a Java client and it works fine. So, the problem is from the application.
-
Hello,
Thanks for the link. It helped me.
But, in my case, I've used the solution given here and the problem was fixed.Regards.